Sunday, May 10, 2009

Day 991.c: Networking Woes Master Log

I. Objectives:


1. Establish physical connection (hardware) - /OK/
2. Establish network connection (via ping) - /OK/
3. Establish network connection (through GUI access) - /PENDING/
4. Establish file sharing - /PENDING/
5. Establish network gaming - /PENDING/

Linuxquestions forum post


Details:

Equipment:

1. CNet Network Switch
2. UTP CAT5 Ethernet Cables
3. RJ45
4. Ethernet Cards for each host

Operating Systems:

1. 2x Windows XP
2. 1x Ubuntu 9.04

Diagram:

http://s283.photobucket.com/albums/k...=homenwork.jpg


Objective:

1. ping each host to check connectivity
a. Ubuntu ping Windows
b. Windows ping Ubuntu
c. Windows ping Windows

2. Share Files
3. Play Network Games
4. Internet Access for the 3 hosts

Yet More Details:

1. I've set all of the hardware up
2. Windows hosts can ping other Windows Hosts - NOT UBUNTU

PROBLEM:

1. CONNECTIVITY

a. Ubuntu cannot ping other Windows hosts - Therefore NO CONNECTIVITY
Since I run dual boot.
b. I have not tried pinging Ubuntu from Windows XP yet
c. When I boot into Windows I CAN PING other Windows hosts

So my problem is 1.a. I have disabled the firewall of both Host 3 (Ubuntu) and Host 2 (Windows XP). I still cannot ping.



Diagnostics:

1. ifconfig

Code:
ifconfig
eth0      Link encap:Ethernet  HWaddr 00:02:44:43:b1:78  
          inet6 addr: fe80::202:44ff:fe43:b178/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:9296 errors:0 dropped:0 overruns:0 frame:0
          TX packets:10109 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:7163143 (7.1 MB)  TX bytes:1770934 (1.7 MB)
          Interrupt:11 Base address:0xe400 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:166 errors:0 dropped:0 overruns:0 frame:0
          TX packets:166 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:11042 (11.0 KB)  TX bytes:11042 (11.0 KB)

ppp0      Link encap:Point-to-Point Protocol  
          inet addr:58.69.55.25  P-t-P:58.69.80.254  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1
          RX packets:8829 errors:0 dropped:0 overruns:0 frame:0
          TX packets:9633 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3 
          RX bytes:6940820 (6.9 MB)  TX bytes:1530280 (1.5 MB)
2. netstat -rn

Code:
netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
58.69.80.254    0.0.0.0         255.255.255.255 UH        0 0          0 ppp0
0.0.0.0         0.0.0.0         0.0.0.0         U         0 0          0 ppp0
3. ping IP

Code:
ping 169.254.204.222
PING 169.254.204.222 (169.254.204.222) 56(84) bytes of data.
^C
--- 169.254.204.222 ping statistics ---
66 packets transmitted, 0 received, 100% packet loss, time 65021ms


Resolution Notes:

1. No clear solution remedy applied. I guess I was just lucky.
2. Followed steps to Share Internet Connection in: Ubuntuforums
3. Possibly configuring eth1 (LAN NIC) did the trick.
4. Internet Connection sharing not yet tested at time of writing
5. Ping Results:


ifconfig
eth0      Link encap:Ethernet  HWaddr 00:02:44:43:b1:78
          inet6 addr: fe80::202:44ff:fe43:b178/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5784 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6229 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:4457949 (4.4 MB)  TX bytes:1350502 (1.3 MB)
          Interrupt:11 Base address:0xe400

eth1      Link encap:Ethernet  HWaddr 00:08:a1:58:ef:61
          inet addr:169.198.0.1  Bcast:169.198.0.1  Mask:255.255.255.0
          inet6 addr: fe80::208:a1ff:fe58:ef61/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1231 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1107 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:84936 (84.9 KB)  TX bytes:86685 (86.6 KB)
          Interrupt:10 Base address:0xe000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:489 errors:0 dropped:0 overruns:0 frame:0
          TX packets:489 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:56997 (56.9 KB)  TX bytes:56997 (56.9 KB)

ppp0      Link encap:Point-to-Point Protocol
          inet addr:124.107.144.17  P-t-P:58.69.80.254  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1
          RX packets:5516 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5952 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:4320452 (4.3 MB)  TX bytes:1202770 (1.2 MB)


I keep reading that people want to share their internet connection through an Ubuntu computer. So, i will put down a few basic steps that one has to do to turn any ubuntu installation into a basic gateway for other computers.
The Settings i am going to write down here are permanent ! so please remember this if you use a mobile device that it will always (!) act as a gateway for the configured network card.

In the following, i will refer to the network device that is connected to the internet as eth1. It is not compulsory that the internet device is called that - other possible names are: eth0, ath0, ppp0, ... and many more.
The computer/network with the clients is, in my case, connected to the network device eth0. This can also vary quite a lot, too.
Please make sure you know what device is which for you, and adjust all commands and configurations accordingly.

The basic scheme of what this setup looks like is:

PC-Client <---> PC-Gateway (ubuntu) <---> Internet

Prerequisites
Your ubuntu Computer has internet connection and you know which network device provides this functionality.

NOTE: how you are connected to the internet does not matter (ethernet, cable, wifi, dsl), as long as you have a second network device besides the one you are connection this should work.

Configuring the network card
the network card that serves the clients (eth0) needs a static ip address. This can be done outside of network manager and would be recommended that way, since you might need nm to still connect the gateway to the internet itself.
Note that this will result in network-manager to completely ignore the network card that you configured for the client network, thus rendering eth0 unavailable in nm.

edit the network configuration file and set eth0 to a static ip. to open the config use this command
Code:
gksu /etc/network/interfaces
now, to configure eth0, you will need add a few lines to the file. Also, this configuration ONLY works on ethernet cards, NOT on wireless. If you need a wireless card to be manually configures, there are a few sticky threads in this forum that will explain how to do it. I'll try to update this later and make sure i have an example for wireless cards ready aswell

add the following lines to the file
Code:
auto eth0
iface eth0 inet static
        address 10.8.16.1
        netmask 255.255.255.0
        broadcast 10.8.16.0
        network 10.8.16.0
This will set a static ip address for eth0 (10.8.16.1) and take the network card out of nm. these changes only take effect after rebooting. To temporarily use these settings, issue this command:
Code:
sudo ifconfig eth0 10.8.16.1
Enable IP forwarding
Port forwarding is turned off in ubuntu by default. But it is needed so that the Computer will forward pakets it receives. To enable port forwarding, issue the following command
Code:
gsku gedit /etc/sysctl.conf
and look for the following line
Code:
#net.ipv4.conf.default.forwarding=1
once that one is found, remove the # so that it reads to be
Code:
net.ipv4.conf.default.forwarding=1
These changes will take effect with the next reboot. if you want them to take effect right now, use these commands
Code:
sudo sysctl -w net.ipv4.ip_forward=1
[Update]
it has been reported multiple times that the sysctl.conf got ignored. You can check that issueing this command after a reboot:
Code:
sudo sysctl net.ipv4.ip_forward
if the answer is still 0. you will need to add a line to /etc/rc.local. open it to edit with
Code:
sudo gedit /etc/rc.local
and add this line BEFORE the exit 0 in the file
Code:
sysctl -w net.ipv4.ip_forward=1
then reboot and check with the above command if it still returns 0. ONLY do this change if you have to, as this is an ugly hack to force setting...
[/Update]
Configuring iptables (paket filter)
In order to allow pakets to pass though the router, we need to add a couple of iptables rules to the filter so that everything may pass our machine. Also we need to rewrite the pakets so that they can find their way back to us.
open the file /etc/rc.local with
Code:
gksu gedit /etc/rc.local
and add the following lines
Code:
/sbin/iptables -P FORWARD ACCEPT
/sbin/iptables --table nat -A POSTROUTING -o eth1 -j MASQUERADE
Doing it this way is neither elegant nor very secure, but it is basic and it should work. If you are worried about security issues, i suggest you read up in iptables and how to confugure the rules more secure than simply letting anything pass through.
again, these changes only take effect after a reboot.
to make the changes take effect right now, use these commands
Code:
sudo iptables -P FORWARD ACCEPT
sudo iptables --table nat -A POSTROUTING -o eth1 -j MASQUERADE
Configuring the client
There are two ways to configure the client - one is a static, manual config. If you would like to do this, then give the client an ip-address in the network 10.8.16.0/24 (i.e. 10.8.16.2), the gateway 10.8.16.1 and a dns server from your computer (they can be found in the file /etc/resolv.conf)

If you have multiple client, or do not want to configure something staticially, you might want to look at setting up a basic dhcp server which issues network configurations to clients.
to install the server, type the following
Code:
sudo apt-get install dhcp3-server
this should install the dhcp-server on your machine. The start will fail, but that is nothing to worry about.
before the dhcp server itself can be configured, we need one more little bit of information. We need to know what dns servers are used so we can push then to the clients that will be configured via this server. to find out the currently used dns server, use this command
Code:
cat /etc/resolv.conf
and note down the ip addresses that are written at the nameserver statement

The next step is to configure the dhcp-server so it knows what ip-addresses to dish out and what settings.
for that, edit the file /etc/dhcp3/dhcpd.conf with this command
Code:
gksu gedit /etc/dhcp3/dhcpd.conf
save the content in a different file (for later reference or if you want to do more with it later on), and then replace it with the following basic setup:
Code:
ddns-update-style none;
option domain-name "mynetwork";
option domain-name-servers Nameserver1, Nameserver2;
option routers 10.8.16.1;

default-lease-time 42300;
max-lease-time 84600;
authoritative;

log-facility local7;

subnet 10.8.16.0 netmask 255.255.255.0 {
  range 10.8.16.50 10.8.16.150;
}
The Bold entries in the config file have to replaced by the nameserver ip addresses that you previously got. if you only have one, remove the second one.

the last thing to do before the server can be started is to tell it what interface to listen on. This can be configures in the file /etc/default/dhcp3-server.
open it with
Code:
gksu gedit /etc/default/dhcp3-server
and edit the line with the INTERFACES="" to read
Code:
INTERFACES="eth0"
the dhcp-server will be automaticially started upon reboot. to manually start it now use this command
Code:
sudo /etc/init.d/dhcp3-server start
That is all you need for a basic setup of things.
Please be reminded that you need to always check the network devices in your computer aginst the ones in the config. If you configure blindly from this and your devices are swapped or named different, you can break you computers network entirely.

0 comments: